The Russia-Ukraine battle is growing the danger of ransomware assaults and different cyber threats for U.S. firms, and people within the well being care trade could also be focused. In a latest analyst notice from the Division of Well being & Human Companies (“HHS”), HHS describes the cyber capabilities of Russia, one of many world’s main cyberpowers, and analyzes two malware variants most definitely to influence the U.S. well being care and public well being sector. These are HermeticWiper and WhisperGate, two malware variants which have been used towards Ukraine through the battle. Though HHS isn’t at the moment conscious of any particular risk to the U.S. well being care and public well being sector, organizations within the sector ought to stay vigilant and proactively take measures to mitigate the danger of a cyber-attack.
In a latest weblog publish, Lisa Pino, Director for the Workplace for Civil Rights, outlines a number of methods well being care organizations can put together for cyberattacks in 2022. Because the weblog publish notes, 2021 noticed a number of cyberattacks on hospitals and well being care programs, resulting in cancellations of procedures reminiscent of surgical procedures and radiology exams because of the influence of such cyberattacks. The weblog publish calls on lined entities and enterprise associates to enhance their cyber posture in 2022, and one space of focus ought to be the enterprise-wide danger evaluation. Danger analyses ought to be complete in scope and canopy all digital protected well being data throughout the group. Different finest practices famous within the weblog publish embody sustaining offline, encrypted backups of information and frequently testing backups; conducting common vulnerability scans; frequently patching and updating software program and working programs; and coaching workers on phishing and different frequent IT assaults.